CVE-2022-27882

HIGH

Openbsd - Buffer Overflow

Title source: rule

Description

slaacd in OpenBSD 6.9 and 7.0 before 2022-03-22 has an integer signedness error and resultant heap-based buffer overflow triggerable by a crafted IPv6 router advertisement. NOTE: privilege separation and pledge can prevent exploitation.

References (4)

[Exploit, Third Party Advisory] https://blog.quarkslab.com/heap-overflow-in-openbsds-slaacd-via-router-advertisement.html

[Patch, Release Notes, Vendor Advisory] https://ftp.openbsd.org/pub/OpenBSD/patches/7.0/common/017_slaacd.patch.sig

[Patch, Release Notes, Vendor Advisory] https://ftp.openbsd.org/pub/OpenBSD/patches/6.9/common/033_slaacd.patch.sig

[Third Party Advisory] https://security.netapp.com/advisory/ntap-20220506-0005/

Scores

CVSS v3 7.5

EPSS 0.0091

EPSS Percentile 75.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-681

Status published

Products (2)

openbsd/openbsd 6.9

openbsd/openbsd 7.0

Published Mar 25, 2022

Tracked Since Feb 18, 2026